<?php // view_all.php View all Articles
require_once('./inc/inc.common.php');
$tmpl 		= new mvTemplate();
$tmpl->page_title('Pending');

if(!isset($_REQUEST['acq'])) $_REQUEST['acq'] = 'a';

if(!isset($_SESSION['user']) || !$_SESSION['user']->isAdmin){
	mvError::userError('Not Authorized', 'You are not authorized to view that page.');
	header('location: index.php');
	die();
}

if(isset($_REQUEST['delid'])){
	if($a = article::load($_REQUEST['delid'])){
		$a->delete();
		mvError::userNotice('Article Deleted', 'The requested article has been deleted.');
		header('location: pending.php?acq='.$_REQUEST['acq']);
		die();
	}else{
		mvError::userError('Article Not Found', 'The Article You Tried to delete could not be found.');
	}
}

if(isset($_REQUEST['approveid'])){
	if($a = article::load($_REQUEST['approveid'])){
		$a->approve();
		mvError::userNotice('Article Approved', 'The Article has been approved.');
		header('location: pending.php?acq='.$_REQUEST['acq']);
		die();
	}else{
		mvError::userError('Article Not Found', 'The Article You Tried to delete could not be found.');
	}
}

switch($_REQUEST['acq']){
	case 'q':
		$where = " articles.Approved = 'Q' AND ParentID = 0 ";
		break;
	case 'c':
		$where = " articles.Approved = 'N' AND ParentID != 0 ";
		break;
	default:
		$where = " articles.Approved = 'N' AND ParentID = 0 ";
		break;
}

$sql = "SELECT FileID, Title, articles.AuthorID, articles.Approved, SubmitDate, FirstName, LastName
		FROM articles LEFT JOIN authors ON articles.AuthorID = authors.AuthorID
		WHERE {$where}
		ORDER by SubmitDate DESC";
$parms = array();
$query = $GLOBALS['db']->prepare_execute($sql, $parms);
$results = $query->fetchall();

$tmpl->assign('results', $results);
$tmpl->assign('pgtype', $_REQUEST['acq']);

$tmpl->page_display('pending.tpl');
?>
